We’re living history. We’ve heard it uttered in everything from news reports to conversations with loved ones. And it’s true — the tragedy and uncertainty of COVID-19 is shaping history and policy as we know it. But there’s something else newsworthy, too. Amid the pandemic, we’ve seen beacons of hope, humanity and progress. People have banded together to solve monumental problems at record pace.

Hopefully you caught our Splunk Developer Spring 2020 Update in May, if you haven’t yet what are you waiting for? It introduces many updates from Splunk, including Splunk’s latest simulation tool — SimData. SimData is the best way to simulate correlated data sets for your Splunk apps. Here, we’ll cover the basics, and we’ve provided some helpful links at the bottom of this post for more details. We’ve got your back.

After my last blog around sending Github Data to Splunk via Webhooks, I received a healthy amount of feedback that I want to address here. I learned that (unsurprisingly) a lot of customers are curious about, or dependant on, other cloud platforms out there. In fact, I heard directly from some customers who specifically cannot use any other cloud platforms than one in particular that was not highlighted in my last blog.

Security is easy, right? Get yourself a patchwork of security point products meant to solve one or two specific problems, and your organization is safe from threats! Ah, if only it were that simple… In reality, security operations are disjointed and complex. Security visibility and functionality (i.e. threat detection, investigation, containment and response capabilities) are often divided among a multitude of different security products (e.g.

As you build more complicated Splunk apps, you might wonder, “What is the best way to make the features in my app more usable?” If you’re adding new SPL commands or creating ways to input new data sources, the answer is straightforward. But imagine you’re trying to address one of the following scenarios: For cases like these, consider extending the Splunk REST API with custom endpoints.

When was the last time you had the chance to listen to some of the most beautiful concerts that nature can play for you? From simple chirps and tweets to complex bird songs composed into a sophisticated soundscape, you may wish you could decrypt and understand their daily conversation. “Hey, good morning, how are you today?”, you might hear in the early hours, sometimes so loudly that you are awakened from the chirping.

In May we released the Splunk Machine Learning Toolkit (MLTK) version 5.2. We’ve loved telling you about some of the great new features, including the most recent blog on DensityFunction. However, we know that before you can start experimenting with model-building algorithms such as DensityFunction, your data needs to be prepared for machine learning. Machine learning operates best when you provide clean data as the foundation for building your models.

The world is changing at a pace not seen in modern history. Security leaders, including chief information security officers (CISOs), face new security challenges as well as opportunities. As COVID-19 drives workers to look for new ways to live and work, organizations must be proactive. The ‘new normal’ may seem scary at first, but savvy CISOs who see beyond tactical changes to the threat landscape can capitalize on opportunities.

We are excited to announce the availability of the Splunk App for HashiCorp Vault. Using this app, organizations can seamlessly ingest and visualize performance metrics and audit logs in Splunk to investigate, monitor, analyze and act on Vault data across DevSecOps use cases.

The Slack Audit Logs API is for monitoring the audit events happening in a Slack Enterprise Grid organization to ensure continued compliance, to safeguard against any inappropriate system access, and to allow the user to audit suspicious behavior within the enterprise. This essentially means it is an API to know who did what and when in the Slack Enterprise Grid account. We are excited to announce the Slack Add-on for Splunk, that targets this API as a brand new data source for Splunk.